SecurityWeek

Critical Marimo Flaw Exploited Hours After Public Disclosure

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public ...
WinBuzzer

Windows Zero-Day Published on Github as Microsoft Fails to Act

A researcher has published a Windows zero-day exploit called BlueHammer on GitHub after Microsoft's Security Response Center ...

Project Glasswing aims to secure the world’s software, and Anthropic’s mythology

Anthropic is pitching Project Glasswing as a cybersecurity breakthrough, but the first battle may be getting everyone to ...

‘BlueHammer’ Exploit Targets Windows, Potentially Impacting 1 Billion+ Devices

A researcher released a working ‘BlueHammer’ Windows zero-day exploit that could impact over 1 billion devices, granting ...
MacStories

Claude Mythos Preview Will Only Secure Part of the Internet

Anthropic found thousands of vulnerabilities across every major OS and web browser with Mythos Preview, but used these three ...
Que.com on MSN

The 2026 cybersecurity reckoning: AI-driven zero-days and the siege of critical infrastructure

The digital landscape of April 8, 2026, has reached a critical inflection point, marked by a dual escalation that challenges ...

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
The Hacker News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...

New Rowhammer attacks give complete control of machines running Nvidia GPUs

A separate mitigation is to enable Error Correcting Codes (ECC) on the GPU, something Nvidia allows to be done using a ...

AI Just Hacked One Of The World's Most Secure Operating Systems

An AI agent just autonomously exploited a FreeBSD kernel vulnerability in four hours, signaling a fundamental shift in the ...
CSO Online

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch deadline.